#47798: openssh sandboxing broken on 10.10 ---------------------+-------------------------------- Reporter: dluke@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.3 Keywords: | Port: openssh ---------------------+-------------------------------- Macports openssh sshd with UsePrivilegeSeparation sandbox (the default) fails on 10.10 with "chroot("/opt/local/var/empty"): Operation not permitted [preauth]" System log says: sandboxd[587] ([36016]): sshd(36016) deny file-read- metadata /opt I verified that "UsePrivilegeSeparation yes" works, and also that re- building with --with-privsep-path=/var/empty also works. (We could probably also alter the sandbox file that we ship, but I'm not sure it's necessary for us to have our own /var/empty sitting in $prefix). -- Ticket URL: <https://trac.macports.org/ticket/47798> MacPorts <https://www.macports.org/> Ports system for OS X